1
1
Fork 0
mirror of https://code.mensbeam.com/MensBeam/Arsse.git synced 2024-12-23 08:44:54 +00:00

Add means of testing Fever authentication

This commit is contained in:
J. King 2019-03-24 15:05:21 -04:00
parent e45ba3f0ea
commit 1ce95ef4d9
2 changed files with 27 additions and 2 deletions

View file

@ -111,4 +111,12 @@ class API extends \JKingWeb\Arsse\REST\AbstractHandler {
public static function userUnregister(string $user): bool { public static function userUnregister(string $user): bool {
return (bool) Arsse::$db->tokenRevoke($user, "fever.login"); return (bool) Arsse::$db->tokenRevoke($user, "fever.login");
} }
public static function userAuthenticate(string $user, string $password): bool {
try {
return (bool) Arsse::$db->tokenLookup("fever.login", md5("$user:$password"));
} catch (ExceptionInput $e) {
return false;
}
}
} }

View file

@ -80,7 +80,7 @@ class TestAPI extends \JKingWeb\Arsse\Test\AbstractTest {
self::clearData(); self::clearData();
} }
/** @dataProvider provideAuthenticationRequests */ /** @dataProvider provideTokenAuthenticationRequests */
public function testAuthenticateAUserToken(bool $httpRequired, bool $tokenEnforced, string $httpUser = null, array $dataPost, array $dataGet, ResponseInterface $exp) { public function testAuthenticateAUserToken(bool $httpRequired, bool $tokenEnforced, string $httpUser = null, array $dataPost, array $dataGet, ResponseInterface $exp) {
self::setConf([ self::setConf([
'userHTTPAuthRequired' => $httpRequired, 'userHTTPAuthRequired' => $httpRequired,
@ -93,7 +93,7 @@ class TestAPI extends \JKingWeb\Arsse\Test\AbstractTest {
$this->assertMessage($exp, $act); $this->assertMessage($exp, $act);
} }
public function provideAuthenticationRequests() { public function provideTokenAuthenticationRequests() {
$success = new JsonResponse(['api_version' => API::LEVEL, 'auth' => 1]); $success = new JsonResponse(['api_version' => API::LEVEL, 'auth' => 1]);
$failure = new JsonResponse(['api_version' => API::LEVEL, 'auth' => 0]); $failure = new JsonResponse(['api_version' => API::LEVEL, 'auth' => 0]);
$denied = new EmptyResponse(401); $denied = new EmptyResponse(401);
@ -184,4 +184,21 @@ class TestAPI extends \JKingWeb\Arsse\Test\AbstractTest {
$this->assertFalse(API::userUnregister("john.doe@example.com")); $this->assertFalse(API::userUnregister("john.doe@example.com"));
\Phake::verify(Arsse::$db)->tokenRevoke("john.doe@example.com", "fever.login"); \Phake::verify(Arsse::$db)->tokenRevoke("john.doe@example.com", "fever.login");
} }
/** @dataProvider provideUserAuthenticationRequests */
public function testAuthenticateAUserName(string $user, string $password, bool $exp) {
\Phake::when(Arsse::$db)->tokenLookup->thenThrow(new ExceptionInput("constraintViolation"));
\Phake::when(Arsse::$db)->tokenLookup("fever.login", md5("jane.doe@example.com:secret"))->thenReturn(['user' => "jane.doe@example.com"]);
\Phake::when(Arsse::$db)->tokenLookup("fever.login", md5("john.doe@example.com:superman"))->thenReturn(['user' => "john.doe@example.com"]);
$this->assertSame($exp, API::userAuthenticate($user, $password));
}
public function provideUserAuthenticationRequests() {
return [
["jane.doe@example.com", "secret", true],
["jane.doe@example.com", "superman", false],
["john.doe@example.com", "secret", false],
["john.doe@example.com", "superman", true],
];
}
} }